Merge pull request #18 from telia-oss/fix-instance-policy-count

Fix instance policy count
telia-oss · Jul 22, 2019 · 078ff46 · 078ff46
2 parents 62a7946 + 54e6337
commit 078ff46
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 7 deletions.
diff --git a/main.tf b/main.tf
@@ -24,7 +24,6 @@ resource "aws_iam_instance_profile" "main" {
 }
 
 resource "aws_iam_role_policy" "main" {
-  count  = var.instance_policy == "" ? 0 : 1
   name   = "${var.name_prefix}-permissions"
   role   = aws_iam_role.main.id
   policy = var.instance_policy

diff --git a/variables.tf b/variables.tf
@@ -51,12 +51,6 @@ variable "ebs_block_devices" {
   default     = []
 }
 
-variable "instance_policy" {
-  description = "A policy document to apply to the instance profile."
-  type        = string
-  default     = ""
-}
-
 variable "min_size" {
   description = "The minimum (and desired) size of the auto scale group."
   type        = number
@@ -93,3 +87,20 @@ variable "tags" {
   default     = {}
 }
 
+variable "instance_policy" {
+  description = "A policy document to apply to the instance profile."
+  type        = string
+  default     = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "placeholder",
+            "Effect": "Deny",
+            "NotAction": "*",
+            "NotResource": "*"
+        }
+    ]
+EOF
+}
+